Category: Patchstack weekly

Welcome back to the Patchstack Weekly security update. It is the third week of 2022 and this episode is called WordPress vulnerabilities & Cross-Site Request Forgery. Within this session, I will inform you of 6 popular open-source WordPress components that have patched various vulnerabilities in their code, from information disclosure to cross-site scripting and cross-site […]

Welcome back to the Patchstack Weekly security update! This is Episode 6, released in the 2nd week of 2022. This episode focuses on two main topics – disclosure of unpatched vulnerabilities and supporting open source. In this week’s session, we will cover a WordPress plugin that patched a critical authenticated remote code execution bug. As […]

Welcome to the Patchstack Weekly security update! This is the first Patchstack update for 2022, Happy New Year and let’s get into the security news and talk about factors of authentication. This week I will give a quick roundup detailing the number of vulnerabilities added to the Patchstack database last month and I will give […]

Welcome back to the Patchstack Weekly security update! This update is for week 52 of 2021. This week marks the final week of 2021, and with the year coming to a close it is a great time to reflect on the past, present, and future. So that is the format of this week’s update. Starting […]

Welcome back to the Patchstack Weekly security update! This update is for week 51 of 2021. See the 49th Patchstack Weekly and the 50th Patchstack Weekly here. This week’s news may sound like deja-vu, as I will cover more of the same topics as I did last week. Log4j is still a leading security concern, […]

Welcome to the Patchstack Weekly Security Update! This update is for week 50 of 2021. It is mid-December, and we are still waiting to see the total impact of a vulnerability reported in the open-source component: log4j. This is a library used in a large number of java applications and I will get the details […]

Welcome back to the Patchstack Weekly security update, this update is for December 9th, 2021. We will talk about the Gravatar breach, web history, and vulnerabilities from this week. In this week’s session, we have two high-risk vulnerabilities to report in WordPress plugins and I will talk about the Gravatar email leaks, one-way encryption, and […]

Welcome back to the Patchstack Weekly Security update! This update is for December 2nd, 2021 and in this update, I will focus on dependency confusion. This week is a good week, there are no high-risk vulnerabilities to report on in the WordPress ecosystem. But, that does not mean there is nothing to talk about as […]

Welcome to the Patchstack Weekly. It’s week 47 and this week we talk about incident response, Hide My WP vulnerabilities, and GoDaddy breach. This update is for November 25th, 2021. This week’s news is about a breach at a major hosting provider that affected over a million WordPress websites, and I will cover a premium […]

Welcome back to the Patchstack Weekly Security Update for November 18th, 2021! In this update, I will talk about some security concerns behind package management systems and cover GitHub’s commitment to security as it pertains to their own package management system, the NPM registry. I will then go on to answer the questions: “Are attackers […]